mirrors/archlinux-docker
1
0
Fork 0
mirror of https://gitlab.archlinux.org/archlinux/archlinux-docker.git synced 2025-08-05 21:57:13 +02:00
Code Issues Projects Releases Wiki Activity

Disable sandbox in oci images due to missing kernel landlock

Browse Source 
Resolves the `error: restricting filesystem access failed because the
landlock ruleset could not be applied!` when running pacman.

Closes #103.
This commit is contained in:
Justin Kromlinger 2025-01-31 12:02:51 +01:00
parent cac42fb2e6
commit ae0527df18
No known key found for this signature in database
GPG Key ID: 69EF6D9E49A64EB8
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
scripts/make-rootfs.sh
View File

@ -18,6 +18,11 @@ cat pacman-conf.d-noextract.conf >> "$BUILDDIR/etc/pacman.conf"
sed 's/Include = /&rootfs/g' < "$BUILDDIR/etc/pacman.conf" > pacman.conf sed 's/Include = /&rootfs/g' < "$BUILDDIR/etc/pacman.conf" > pacman.conf
sed -i '/#DisableSandbox/{c\
# No kernel landlock in containerd\
DisableSandbox
}' "$BUILDDIR/etc/pacman.conf"
cp --recursive --preserve=timestamps rootfs/* "$BUILDDIR/" cp --recursive --preserve=timestamps rootfs/* "$BUILDDIR/"
ln -fs /usr/lib/os-release "$BUILDDIR/etc/os-release" ln -fs /usr/lib/os-release "$BUILDDIR/etc/os-release"